I want to apply aggregation in elastic on field count
Example:
domain:["config","test"] <----- field
I want to check that how many times this domain is present in docs.
you can use the terms aggregation on the domain field, but you need to make sure that domain field or its subfield is of the keyword type.
Related
I have a situation where I need to search from multiple indexes (products and users). Below is a sample query I am using to do that search
http://localhost:9200/_all/_search?q=*wood*
http://localhost:9200/users,products/_search?q=*wood*
With the above API request, it only returns search results for the product index. But if I search using the below API it returns search results for users index
http://localhost:9200/users/_search?q=*wood*
As you can see I am passing same value for "q" parameter. I need to search for both product and users index and check if there is the word "wood" in any attribute in both indexes. How can I achieve this
You can pass multiple index names instead of _all as it will search in other indices that you don't intent to by using the comma seprated index name like
http://localhost:9200/users,products/_search?q=*wood*
Although, _all should also fetch the result from users index which you get when you specify its name, you need to debug why its happening, maybe increase the size param to 1000 as by default Elasticsearch returns only 10 results and it seems in case of _all all the top results coming from products index only.
I want to delete documents not having a specific field in elastic search. I tried combination of must_not and exists but its giving documents in which the field is there but its null.But i want the docs in which the field is not present at all.
I want to filter the elastic search aggregation results in Kibana (v6.2). For example, I want to show only sum of hours those that are more than 100 (like HAVING command in SQL). I know that we can filter the results in filter section over other fields, but I don't know how to apply the filter on aggregation functions. I tried to use post_filter in filter section in Kibana, but it didn't work.
Any ideas?
You can augment aggregation query within advanced field
It will be added to request as shown on picture
Another question is what to put into this field. You can check script values for sum aggregation
I wanted to group documents based on Name and Lat, Lang in Elastic Search.I explored the aggregations API but it gives only a count for a specific criteria not the actual documents.Is there a way in which we can do this in Elastic Search
you could use nested aggregations - something like aggregate by name, _id. And use second query to get document by ids.
I believe it is impossible for the _all field to contain ngram tokens. How can I mimic this behavior?
I have 7 types of entities, each with about 10 fields. Of those 70 total fields, about 15 must support partial search (using an ngram index analyzer). All fields will use the same search analyzer.
Is copy_to supported in Nest? I don't see it. If so, can different fields have different analyzers?
My thinking so far: If copy_to is supported, all fields I want to search would be copied to a single field, one per type, called "aggregate". The search query would specify a multifield search which included each of these aggregate fields.
The _all field can in fact contain nGram tokens. You have the ability to define both the search and index analyzers for the _all field. Please see my previous question Set analyzers for _all field with NEST However, you will need to pull the source for NEST and compile it to get this functionality, as it is not in the NEST 1.0.0-beta1 release on NuGet.